CVE

Apache MINA SSHD code execution | CVE-2022-45047

November 17, 2022

NAME Apache MINA SSHD code execution Platforms Affected:Apache MINA SSHD 2.9.1Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Apache MINA SSHD could allow a...

Jenkins Naginator Plugin cross-site scripting | CVE-2022-45382

November 17, 2022

NAME Jenkins Naginator Plugin cross-site scripting Platforms Affected:Jenkins Naginator Plugin 1.18.1Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Naginator Plugin is vulnerable to...

Jenkins Script Security Plugin information disclosure | CVE-2022-45379

November 17, 2022

NAME Jenkins Script Security Plugin information disclosure Platforms Affected:Jenkins Script Security Plugin 1189.vb_a_b_7c8fd5fdeRisk Level:8Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION Jenkins Script Security Plugin...

Mozilla Firefox security bypass | CVE-2022-45415

November 17, 2022

NAME Mozilla Firefox security bypass Platforms Affected:Mozilla Firefox 106Risk Level:8.1Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Mozilla Firefox could allow a remote attacker to...

Apache Airflow command execution | CVE-2022-40127

November 17, 2022

NAME Apache Airflow command execution Platforms Affected:Apache Airflow 2.3.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Apache Airflow could allow a remote authenticated attacker...

Wasmtime information disclosure | CVE-2022-39393

November 17, 2022

NAME Wasmtime information disclosure Platforms Affected:Risk Level:8.6Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Wasmtime could allow a remote attacker to obtain sensitive information, caused...

Canteen Management System file upload | CVE-2022-43265

November 17, 2022

NAME Canteen Management System file upload Platforms Affected:Risk Level:7.3Exploitability:HighConsequences:File Manipulation DESCRIPTION Canteen Management System could allow a remote attacker to...

Jenkins BART Plugin cross-site scripting | CVE-2022-45387

November 17, 2022

NAME Jenkins BART Plugin cross-site scripting Platforms Affected:Jenkins BART Plugin 1.0.3Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins BART Plugin is vulnerable to...

F5 BIG-IP and BIG-IQ cross-site request forgery | CVE-2022-41622

November 17, 2022

NAME F5 BIG-IP and BIG-IQ cross-site request forgery Platforms Affected:F5 BIG-IP 13.1.0 F5 BIG-IP 14.1.0 F5 BIG-IP 15.1.0 F5 BIG-IQ...

F5 BIG-IP security bypass | CVE-2022-41800

November 17, 2022

NAME F5 BIG-IP security bypass Platforms Affected:F5 BIG-IP 13.1.0 F5 BIG-IP 14.1.0 F5 BIG-IP (Advanced WAF) 15.1.0 F5 BIG-IP 16.1.0...

Daily Vulnerability Trends: Thu Nov 17 2022

November 17, 2022

Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-40684An authentication bypass using an alternate path or channel in Fortinet FortiOS...

Daily Vulnerability Trends: Wed Nov 16 2022

November 16, 2022

Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-1802 No description provided CVE-2022-41352An issue was discovered in Zimbra Collaboration (ZCS)...

Train Scheduler App cross-site scripting | CVE-2022-43079

November 15, 2022

NAME Train Scheduler App cross-site scripting Platforms Affected:Risk Level:7.2Exploitability:HighConsequences:Data Manipulation DESCRIPTION Train Scheduler App is vulnerable to cross-site scripting, caused...

Intel Active Management Technology (AMT) SDK, Endpoint Management Assistant (EMA), and Manageability Commander privilege escalation | CVE-2022-26341

November 15, 2022

NAME Intel Active Management Technology (AMT) SDK, Endpoint Management Assistant (EMA), and Manageability Commander privilege escalation Platforms Affected:Risk Level:8.2Exploitability:UnprovenConsequences:Gain Privilege...

Daily Vulnerability Trends: Tue Nov 15 2022

November 15, 2022

Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2021-25370An incorrect implementation handling file descriptor in dpu driver prior to SMR...

Intel Server Board S2600WF, Intel(R) Server System R1000WF and Intel(R) Server System R2000WF families privilege escalation | CVE-2022-30542

November 14, 2022

NAME Intel Server Board S2600WF, Intel(R) Server System R1000WF and Intel(R) Server System R2000WF families privilege escalation Platforms Affected:Intel Server...

Intel Active Management Technology (AMT) SDK, Endpoint Management Assistant (EMA), and Manageability Commander privilege escalation | CVE-2022-26341

November 14, 2022

Daily Vulnerability Trends: Mon Nov 14 2022

November 14, 2022

Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2021-25370An incorrect implementation handling file descriptor in dpu driver prior to SMR...

POWER METER SICAM Q100 code execution | CVE-2022-43545

November 13, 2022

NAME POWER METER SICAM Q100 code execution Platforms Affected:Risk Level:9.9Exploitability:UnprovenConsequences:Gain Access DESCRIPTION POWER METER SICAM Q100 could allow a remote...

Siemens SICAM Q100 session hijacking | CVE-2022-43398

November 13, 2022

NAME Siemens SICAM Q100 session hijacking Platforms Affected:Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Siemens SICAM Q100 could allow a remote attacker to...

Google Android privilege escalation | CVE-2021-1050

November 13, 2022

NAME Google Android privilege escalation Platforms Affected:Risk Level:8.4Exploitability:UnprovenConsequences:Gain Privilege DESCRIPTION Google Android could allow a local attacker to gain elevated...

Multiple AMD Graphics products code execution | CVE-2021-26360

November 13, 2022

NAME Multiple AMD Graphics products code execution Platforms Affected:AMD Radeon RX 5000 Series AMD Radeon PRO W5000 Series AMD Radeon...

Intel Server Board S2600WF, Intel(R) Server System R1000WF and Intel(R) Server System R2000WF families privilege escalation | CVE-2022-30542

November 13, 2022

NAME Intel Server Board S2600WF, Intel(R) Server System R1000WF and Intel(R) Server System R2000WF families privilege escalation Platforms Affected:Intel Server...

GrafanaCve202239328PrivEsc | CVE-2022-39328

November 13, 2022

NAME GrafanaCve202239328PrivEsc Platforms Affected:Grafana Grafana 9.2.3 Grafana Grafana 9.2.0Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Grafana could allow a remote attacker to gain...

CVE

Apache MINA SSHD code execution | CVE-2022-45047

Jenkins Naginator Plugin cross-site scripting | CVE-2022-45382

Jenkins Script Security Plugin information disclosure | CVE-2022-45379

Mozilla Firefox security bypass | CVE-2022-45415

Apache Airflow command execution | CVE-2022-40127

Wasmtime information disclosure | CVE-2022-39393

Canteen Management System file upload | CVE-2022-43265

Jenkins BART Plugin cross-site scripting | CVE-2022-45387

F5 BIG-IP and BIG-IQ cross-site request forgery | CVE-2022-41622

F5 BIG-IP security bypass | CVE-2022-41800

Daily Vulnerability Trends: Thu Nov 17 2022

Daily Vulnerability Trends: Wed Nov 16 2022

Train Scheduler App cross-site scripting | CVE-2022-43079

Intel Active Management Technology (AMT) SDK, Endpoint Management Assistant (EMA), and Manageability Commander privilege escalation | CVE-2022-26341

Daily Vulnerability Trends: Tue Nov 15 2022

Intel Server Board S2600WF, Intel(R) Server System R1000WF and Intel(R) Server System R2000WF families privilege escalation | CVE-2022-30542

Intel Active Management Technology (AMT) SDK, Endpoint Management Assistant (EMA), and Manageability Commander privilege escalation | CVE-2022-26341

Daily Vulnerability Trends: Mon Nov 14 2022

POWER METER SICAM Q100 code execution | CVE-2022-43545

Siemens SICAM Q100 session hijacking | CVE-2022-43398

Google Android privilege escalation | CVE-2021-1050

Multiple AMD Graphics products code execution | CVE-2021-26360

Intel Server Board S2600WF, Intel(R) Server System R1000WF and Intel(R) Server System R2000WF families privilege escalation | CVE-2022-30542

GrafanaCve202239328PrivEsc | CVE-2022-39328

[KAIROS] – Ransomware Victim: fredsalvuccicorp[.]com

[BABUK2] – Ransomware Victim: Mandarin[.]com[.]br By Babuk Locker 2[.]0

[AKIRA] – Ransomware Victim: Fickling & Company

[RANSOMHUB] – Ransomware Victim: www[.]hexosys[.]com

[AKIRA] – Ransomware Victim: Callico Distributors, Inc[.]

You may have missed